> One annoying thing I found when working with hosts that get reinstalled > regularly is I occasionally want to delete there known_host entires. I have > been using ssh-keygen -R to do this. alternative solution: use host certificates rather than host keys. * you distribute a single ca pubkey rather than a hostkey for every host. * you'll _never_ see a "do you accept this host key" message if you're connecting to a host with a correct host cert. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
